Fortinet Security Fabric en pratique. Partie 5. Administration et automatisation

, ! . Fortinet Security Fabric. “-”, . , , . 

. VLAN . VLAN’ , , VLAN . , VLAN’ - 100. WiFi & Switch Controller -> FortiSwitch VLANs :

, - VLAN’, , IP DHCP ( DHCP , DHCP ). ( ), - VLAN’. 

VLAN . PING , . 

VLAN’ . - Administrative Access Security Fabric Connection. CAPWAP, . VLAN’ - 50:

VLAN’ FortiSwitch. , - 7. Native VLAN VLAN’:

, SSID, . SSID. 

WiFi & Switch Controller -> SSIDs -> Create New. SSID , IP , ( ), DHCP , SSID ( SSID, , ). broadcast SSID . . Quarantine host - , . :

- FortiOS 6.4.3 , . Release Notes , :

workaround. 

. , . 

: , . - . 

:

, , SSL . . . 

:

, ( ), . 

. ( ). IoC . 

PingTools:

- SSID . - FortiSwitch. 

. : - FortiAnalyzer’:

6.2 FortiAnalyzer Fortinet - Security Fabric. , . 

FortiEMS FAZ

FortiClient EMS FortiAnalyzer. - FortiAnalyzer’ , , , :

- . 6.4 : - Automation Stitch, - FortiSOC. Automation Stitch.

( ). , , . :

Trigger , ( Action). . , Compromised Host, - FortiClient EMS, IP , :

: . Dashboards -> Users & Devices. Quarantine , . , :

, , , C2C VLAN. , . 

FortiSoC, FortiAnalyzer. . :

. :

- , , . , - , :

. :

, FortiAnalyzer , . EMS , , . , , :

, FortiSwitch. :

:

. FortiSoC -> Automation -> Playbook Monitor. . :

- . . FortiSoC -> Incidents. :

, , (). , . 

, FortiSoC , 5 . 

. Fortinet , , - , . - , . , , :

Youtube